8 files changed, 54 insertions, 48 deletions

diff --git a/contrib/builder-keys/README.md b/contrib/builder-keys/README.md
index 56bd87d0af..a6179d6012 100644
--- a/contrib/builder-keys/README.md
+++ b/contrib/builder-keys/README.md
@@ -19,9 +19,15 @@ gpg --refresh-keys
 To fetch keys of builders and active developers, feed the list of fingerprints
 of the primary keys into gpg:
 
+On \*NIX:
 ```sh
 while read fingerprint keyholder_name; do gpg --keyserver hkps://keys.openpgp.org --recv-keys ${fingerprint}; done < ./keys.txt
 ```
 
+On Windows (requires Gpg4win >= 4.0.0):
+```
+FOR /F "tokens=1" %i IN (keys.txt) DO gpg --keyserver hkps://keys.openpgp.org --recv-keys %i
+```
+
 Add your key to the list if you provided Guix attestations for two major or
 minor releases of Bitcoin Core.
diff --git a/contrib/guix/libexec/build.sh b/contrib/guix/libexec/build.sh
index 4eeb360603..2757d10a7c 100755
--- a/contrib/guix/libexec/build.sh
+++ b/contrib/guix/libexec/build.sh
@@ -79,19 +79,6 @@ prepend_to_search_env_var() {
     export "${1}=${2}${!1:+:}${!1}"
 }
 
-case "$HOST" in
-    *darwin*)
-        # When targeting darwin, zlib is required by native_libdmg-hfsplus.
-        zlib_store_path=$(store_path "zlib")
-        zlib_static_store_path=$(store_path "zlib" static)
-
-        prepend_to_search_env_var LIBRARY_PATH "${zlib_static_store_path}/lib:${zlib_store_path}/lib"
-        prepend_to_search_env_var C_INCLUDE_PATH "${zlib_store_path}/include"
-        prepend_to_search_env_var CPLUS_INCLUDE_PATH "${zlib_store_path}/include"
-        prepend_to_search_env_var OBJC_INCLUDE_PATH "${zlib_store_path}/include"
-        prepend_to_search_env_var OBJCPLUS_INCLUDE_PATH "${zlib_store_path}/include"
-esac
-
 # Set environment variables to point the CROSS toolchain to the right
 # includes/libs for $HOST
 case "$HOST" in
@@ -332,8 +319,7 @@ mkdir -p "$DISTSRC"
             mkdir -p "unsigned-app-${HOST}"
             cp  --target-directory="unsigned-app-${HOST}" \
                 osx_volname \
-                contrib/macdeploy/detached-sig-create.sh \
-                "${BASEPREFIX}/${HOST}"/native/bin/dmg
+                contrib/macdeploy/detached-sig-create.sh
             mv --target-directory="unsigned-app-${HOST}" dist
             (
                 cd "unsigned-app-${HOST}"
diff --git a/contrib/guix/libexec/codesign.sh b/contrib/guix/libexec/codesign.sh
index 6ede95f42b..9a5d3a1ce5 100755
--- a/contrib/guix/libexec/codesign.sh
+++ b/contrib/guix/libexec/codesign.sh
@@ -84,14 +84,11 @@ mkdir -p "$DISTSRC"
             # Apply detached codesignatures to dist/ (in-place)
             signapple apply dist/Bitcoin-Qt.app codesignatures/osx/dist
 
-            # Make an uncompressed DMG from dist/
+            # Make a DMG from dist/
             xorrisofs -D -l -V "$(< osx_volname)" -no-pad -r -dir-mode 0755 \
-                      -o uncompressed.dmg \
+                      -o "${OUTDIR}/${DISTNAME}-${HOST}.dmg" \
                       dist \
                       -- -volume_date all_file_dates ="$SOURCE_DATE_EPOCH"
-
-            # Compress uncompressed.dmg and output to OUTDIR
-            ./dmg dmg uncompressed.dmg "${OUTDIR}/${DISTNAME}-${HOST}.dmg"
             ;;
         *)
             exit 1
diff --git a/contrib/guix/manifest.scm b/contrib/guix/manifest.scm
index 708d2e698d..9f8a4008cf 100644
--- a/contrib/guix/manifest.scm
+++ b/contrib/guix/manifest.scm
@@ -573,8 +573,6 @@ inspecting signatures in Mach-O binaries.")
         bzip2
         gzip
         xz
-        zlib
-        (list zlib "static")
         ;; Build tools
         gnu-make
         libtool
diff --git a/contrib/macdeploy/README.md b/contrib/macdeploy/README.md
index ce69079e29..fa7d953ce3 100644
--- a/contrib/macdeploy/README.md
+++ b/contrib/macdeploy/README.md
@@ -15,13 +15,16 @@ When complete, it will have produced `Bitcoin-Core.dmg`.
 A free Apple Developer Account is required to proceed.
 
 Our current macOS SDK
-(`Xcode-12.2-12B45b-extracted-SDK-with-libcxx-headers.tar.gz`) can be
-extracted from
+(`Xcode-12.2-12B45b-extracted-SDK-with-libcxx-headers.tar.gz`)
+can be extracted from
 [Xcode_12.2.xip](https://download.developer.apple.com/Developer_Tools/Xcode_12.2/Xcode_12.2.xip).
+
 Alternatively, after logging in to your account go to 'Downloads', then 'More'
 and search for [`Xcode_12.2`](https://developer.apple.com/download/all/?q=Xcode%2012.2).
+
 An Apple ID and cookies enabled for the hostname are needed to download this.
-The `sha256sum` of the archive should be `28d352f8c14a43d9b8a082ac6338dc173cb153f964c6e8fb6ba389e5be528bd0`.
+
+The `sha256sum` of the downloaded XIP archive should be `28d352f8c14a43d9b8a082ac6338dc173cb153f964c6e8fb6ba389e5be528bd0`.
 
 After Xcode version 7.x, Apple started shipping the `Xcode.app` in a `.xip`
 archive. This makes the SDK less-trivial to extract on non-macOS machines. One
@@ -55,7 +58,10 @@ previous stage) as the first argument.
 ./contrib/macdeploy/gen-sdk '/path/to/Xcode.app'
 ```
 
+The `sha256sum` of the generated TAR.GZ archive should be `e7ca56bc8804d16624fad68be2e71647747d6629cacaaa3de5fbfa7f444e9eae`.
+
 ## Deterministic macOS DMG Notes
+
 Working macOS DMGs are created in Linux by combining a recent `clang`, the Apple
 `binutils` (`ld`, `ar`, etc) and DMG authoring tools.
 
@@ -89,16 +95,7 @@ redistributed.
 
 [`xorrisofs`](https://www.gnu.org/software/xorriso/) is used to create the DMG.
 
-`xorrisofs` cannot compress DMGs, so afterwards, the DMG tool from the
-`libdmg-hfsplus` project is used to compress it. There are several bugs in this
-tool and its maintainer has seemingly abandoned the project.
-
-The DMG tool has the ability to create DMGs from scratch as well, but this functionality is
-broken. Only the compression feature is currently used. Ideally, the creation could be fixed
-and `xorrisofs` would no longer be necessary.
-
-Background images and other features can be added to DMG files by inserting a
-`.DS_Store` during creation.
+A background image is added to DMG files by inserting a `.DS_Store` during creation.
 
 As of OS X 10.9 Mavericks, using an Apple-blessed key to sign binaries is a requirement in
 order to satisfy the new Gatekeeper requirements. Because this private key cannot be
diff --git a/contrib/macdeploy/gen-sdk b/contrib/macdeploy/gen-sdk
index ebef1d2db0..d70cc8613c 100755
--- a/contrib/macdeploy/gen-sdk
+++ b/contrib/macdeploy/gen-sdk
@@ -8,6 +8,21 @@ import gzip
 import os
 import contextlib
 
+# monkey-patch Python 3.8 and older to fix wrong TAR header handling
+# see https://github.com/bitcoin/bitcoin/pull/24534
+# and https://github.com/python/cpython/pull/18080 for more info
+if sys.version_info < (3, 9):
+    _old_create_header = tarfile.TarInfo._create_header
+    def _create_header(info, format, encoding, errors):
+        buf = _old_create_header(info, format, encoding, errors)
+        # replace devmajor/devminor with binary zeroes
+        buf = buf[:329] + bytes(16) + buf[345:]
+        # recompute checksum
+        chksum = tarfile.calc_chksums(buf)[0]
+        buf = buf[:-364] + bytes("%06o\0" % chksum, "ascii") + buf[-357:]
+        return buf
+    tarfile.TarInfo._create_header = staticmethod(_create_header)
+
 @contextlib.contextmanager
 def cd(path):
     """Context manager that restores PWD even if an exception was raised."""
@@ -75,14 +90,21 @@ def run():
                 tarinfo.name = str(pathlib.Path(alt_base_dir, tarinfo.name))
             if tarinfo.linkname and tarinfo.linkname.startswith("./"):
                 tarinfo.linkname = str(pathlib.Path(alt_base_dir, tarinfo.linkname))
+            # make metadata deterministic
+            tarinfo.mtime = 0
+            tarinfo.uid, tarinfo.uname =  0, ''
+            tarinfo.gid, tarinfo.gname = 0, ''
+            # don't use isdir() as there are also executable files present
+            tarinfo.mode = 0o0755 if tarinfo.mode & 0o0100 else 0x0644
             return tarinfo
         with cd(dir_to_add):
+            # recursion already adds entries in sorted order
             tarfp.add(".", recursive=True, filter=change_tarinfo_base)
 
     print("Creating output .tar.gz file...")
     with out_sdktgz_path.open("wb") as fp:
         with gzip.GzipFile(fileobj=fp, mode='wb', compresslevel=9, mtime=0) as gzf:
-            with tarfile.open(mode="w", fileobj=gzf) as tarfp:
+            with tarfile.open(mode="w", fileobj=gzf, format=tarfile.GNU_FORMAT) as tarfp:
                 print("Adding MacOSX SDK {} files...".format(sdk_version))
                 tarfp_add_with_base_change(tarfp, sdk_dir, out_name)
                 print("Adding libc++ headers...")
diff --git a/contrib/testgen/README.md b/contrib/testgen/README.md
index 66276ec9dd..2f0288df16 100644
--- a/contrib/testgen/README.md
+++ b/contrib/testgen/README.md
@@ -2,7 +2,7 @@
 
 Utilities to generate test vectors for the data-driven Bitcoin tests.
 
-Usage:
+To use inside a scripted-diff (or just execute directly):
 
     ./gen_key_io_test_vectors.py valid 70 > ../../src/test/data/key_io_valid.json
     ./gen_key_io_test_vectors.py invalid 70 > ../../src/test/data/key_io_invalid.json
diff --git a/contrib/testgen/gen_key_io_test_vectors.py b/contrib/testgen/gen_key_io_test_vectors.py
index 4aa7dc200b..7bfb1d76a8 100755
--- a/contrib/testgen/gen_key_io_test_vectors.py
+++ b/contrib/testgen/gen_key_io_test_vectors.py
@@ -4,10 +4,6 @@
 # file COPYING or http://www.opensource.org/licenses/mit-license.php.
 '''
 Generate valid and invalid base58/bech32(m) address and private key test vectors.
-
-Usage:
-    ./gen_key_io_test_vectors.py valid 70 > ../../src/test/data/key_io_valid.json
-    ./gen_key_io_test_vectors.py invalid 70 > ../../src/test/data/key_io_invalid.json
 '''
 
 from itertools import islice
@@ -131,7 +127,7 @@ def is_valid_bech32(v):
 def gen_valid_base58_vector(template):
     '''Generate valid base58 vector'''
     prefix = bytearray(template[0])
-    payload = bytearray(os.urandom(template[1]))
+    payload = rand_bytes(size=template[1])
     suffix = bytearray(template[2])
     dst_prefix = bytearray(template[4])
     dst_suffix = bytearray(template[5])
@@ -143,7 +139,7 @@ def gen_valid_bech32_vector(template):
     '''Generate valid bech32 vector'''
     hrp = template[0]
     witver = template[1]
-    witprog = bytearray(os.urandom(template[2]))
+    witprog = rand_bytes(size=template[2])
     encoding = template[4]
     dst_prefix = bytearray(template[5])
     rv = bech32_encode(encoding, hrp, [witver] + convertbits(witprog, 8, 5))
@@ -173,17 +169,17 @@ def gen_invalid_base58_vector(template):
     corrupt_suffix = randbool(0.2)
 
     if corrupt_prefix:
-        prefix = os.urandom(1)
+        prefix = rand_bytes(size=1)
     else:
         prefix = bytearray(template[0])
 
     if randomize_payload_size:
-        payload = os.urandom(max(int(random.expovariate(0.5)), 50))
+        payload = rand_bytes(size=max(int(random.expovariate(0.5)), 50))
     else:
-        payload = os.urandom(template[1])
+        payload = rand_bytes(size=template[1])
 
     if corrupt_suffix:
-        suffix = os.urandom(len(template[2]))
+        suffix = rand_bytes(size=len(template[2]))
     else:
         suffix = bytearray(template[2])
 
@@ -204,7 +200,7 @@ def gen_invalid_bech32_vector(template):
     to_upper = randbool(0.1)
     hrp = template[0]
     witver = template[1]
-    witprog = bytearray(os.urandom(template[2]))
+    witprog = rand_bytes(size=template[2])
     encoding = template[3]
 
     if no_data:
@@ -234,6 +230,9 @@ def randbool(p = 0.5):
     '''Return True with P(p)'''
     return random.random() < p
 
+def rand_bytes(*, size):
+    return bytearray(random.getrandbits(8) for _ in range(size))
+
 def gen_invalid_vectors():
     '''Generate invalid test vectors'''
     # start with some manual edge-cases
@@ -250,6 +249,7 @@ def gen_invalid_vectors():
 if __name__ == '__main__':
     import json
     iters = {'valid':gen_valid_vectors, 'invalid':gen_invalid_vectors}
+    random.seed(42)
     try:
         uiter = iters[sys.argv[1]]
     except IndexError: